FRAMEWORK FOR FINE-GRAIN ACCESS CONTROL FROM HIGH-LEVEL APPLICATION PERMISSIONS
First Claim
1. A method for access control of an application feature to resources on a mobile computing device comprising the steps of:
- preparing an application for installation on the mobile computing device via a processor;
identifying an application permission associated with the application, the application permission relating to access of resources of the mobile computing device;
determining restrictions associated with the application permission;
defining a set of mandatory access control rules for the application permission based on the restrictions;
combining the set of mandatory access control rules and the application permission in a loadable mandatory access control policy module; and
storing the loadable mandatory access control policy module in a memory of the mobile computing device, the loadable mandatory access control policy module capable of being enforced by an operating system of the mobile computing device.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for access control of an application feature to resources on a mobile computing device. An application is prepared for installation on the mobile computing device via a processor. An application permission associated with the application is identified. The application permission relates to access of resources of the mobile computing device. Restrictions associated with the application permission are determined. A set of mandatory access control rules are defined for the application permission based on the restrictions. The set of mandatory access control rules and the application permission are combined in a loadable mandatory access control policy module. The loadable mandatory access control policy module is stored in a memory of the mobile computing device, the loadable mandatory access control policy module capable of being enforced by an operating system of the mobile computing device.
13 Citations
22 Claims
-
1. A method for access control of an application feature to resources on a mobile computing device comprising the steps of:
-
preparing an application for installation on the mobile computing device via a processor; identifying an application permission associated with the application, the application permission relating to access of resources of the mobile computing device; determining restrictions associated with the application permission; defining a set of mandatory access control rules for the application permission based on the restrictions; combining the set of mandatory access control rules and the application permission in a loadable mandatory access control policy module; and storing the loadable mandatory access control policy module in a memory of the mobile computing device, the loadable mandatory access control policy module capable of being enforced by an operating system of the mobile computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method for installing access control on a mobile computing device comprising:
-
establishing a communication between a mobile computing device and an application distribution entity, the application distribution entity configured to transmit an application to the mobile computing device upon a request by the mobile computing device; sending a request by the mobile computing device to the application entity for downloading the application; identifying application permissions associated with the application, the application permission relating to access resources of the mobile computing device; determining restrictions associated with the application permission; defining a set of mandatory access control rules for the application permission; and combining the set of mandatory access control rules and the application permission in a loadable mandatory access control policy module. - View Dependent Claims (21, 22)
-
Specification